Translation: FSB Major (OU TsIB) Dmitry Dokuchayev has been arrested, now all the hacking into the US systems will be hung on his group. Cancellation of the sanctions in exchange for the hackers.

This is just a tweet, guys. It's not a found fact. It is not in a charging sheet or indictment or even in an investigator's statement leaked to the press. It's just someone rushing to the pessimistic conspiracy-theory conclusions that everybody rushes to in Russia because it's in Russia.

I think all such talk has to be expressed and debated and looked at. I'm not a net-nanny who says people shouldn't "rush to conclusions" and publish the names of suspects they've heard on police radio chat during the hunt for the Boston bombers ahem. I think the only way you get to the truth with a black box like Russia and a black sack like these hacker arrests is you talk, theorize, see if things fit, see if it sticks.

But you do have to point out that there is no CONNECTION. There is nothing to TIE these people to the US.

What's interesting about Krebs is the solid information based on his professional expertise that he HAS brought to this case, for example, although he's putting it himself in the form of speculation -- and later as you see, some interesting facts he has brought about ALLEGATIONS OF an American connection:

The arrests may very well be tied to a long-running grudge held by Pavel Vrublevsky, a Russian businessman who for years paid most of the world’s top spammers and virus writers to pump malware and hundreds of billions of junk emails into U.S. inboxes.

But we don't know that Vrublyovsky - arrested and given a relatively light sentence which he served -- is going to turn around and now talk to American security researchers sympathetically about how the DNC was hacked. We don't know that he OR his hired guns at the FSB hack shop are going to do that. We just don't. The fact that Vrublyovsky has blown in Mikhailov with these accusations for his own personal reasons -- he thinks he's part of the mob that got him in jail -- can't be accepted as facts on the ground because he's not a trustworthy interlocutor as an ex-con in a mafia world with a grudge.

The first thing I thought of when I learned Vrublyovsky (I'm translating it the way it is pronounced in Russian) was a spam king -- hmm, you mean like those marketing people -- spam for some people -- that were said to be on Trump's server talking to Alfa's server? Any relation?

Krebs then goes on to tell you about King Servers, which we already knew about from the New York Times:

That report was based in part on an August 2016 alert from the FBI (PDF), and noted that most of the Internet addresses were assigned to a Russian hosting firm called King-Servers[dot]com.

But then you'd have to tie the King Servers affair to the material we have from the FSB leaks to see if it "fits".

“The analysis of the internal data allows King Servers to confidently refute any conclusions about the involvement of the Russian special services in this attack,” Fomenko said in his statement, which credits ChronoPay for the translation. “The company also reported that the attackers still owe the company $US290 for rental services and King Servers send an invoice for the payment to Donald Trump & Vladimir Putin, as well as the company reserves the right to send it to any other person who will be accused by mass media of this attack.”

Let me put my translation:

The company King Servers, which owns the servers from which hacker attacks were made on the servers of the Democratic Party in Illinois, have declared the absence of any "Russian trail" in the organization of this cybercrime. This company also says that the miscreants owed $290 to the company for the rental of the servers and are retaining the right to send a bill for payment to Donald Trump, Vladimir Putin and any other people who are accused by the media in this attack.

Krebs then writes some more interesting detail:

I mentioned Vrublevsky in that story because I knew Fomenko (a.k.a. “Die$el“) and he were longtime associates; both were prominent members of Crutop[dot]nu, a cybercrime forum that Vrublevsky (a.k.a. “Redeye“) owned and operated for years. In addition, I recognized Vrublevsky’s voice and dark humor in the statement, and thought it was interesting that Vrublevsky was inserting himself into all the alleged election-hacking drama.

That story also noted how common it was for Russian intelligence services to recruit Russian hackers who were already in prison — by commuting their sentences in exchange for helping the government hack foreign adversaries. In 2013, Vrublevsky was convicted of hiring his most-trusted spammer and malware writer to attack one of ChronoPay’s chief competitors, but he was inexplicably released a year earlier than his two-and-a-half year sentence required.

All of this is interesting and useful, but the claim that “many Russian media outlets now report the men are suspected of leaking information to Western investigators about Russian cyber intelligence operations.” They haven't said that (read everything I've done on this); if there is one English-language source saying it, it's speculative.

Well, sure. Except we need to dig deeper here. Why was Vrublyovsky trying to hack and mess up a competitor? Who put him up to that? What is Asset (the rival) all about? Who is behind it? Does Aeroflot itself have any preference or payout or thing that would lead us to suspect they had a preferred payments processor? And so on.

This story can't be looked at SOLELY from the perspective of the field of cybersecurity -- although it may turn out to be about that. Hackers are not just powers in society themselves; they are hired guns for other people, maybe more than they are in the US so this might be hard to contemplate for some.

Sure, the FSB needs hackers, and so does the NSA, which is why they make poor hiring choices involving ex-cons or people like Snowden.

But really, a spam king hired by X Big Gun in Russia is hired by the FSB just because they need hackers? This is only true if the people who put him up to attacking Asset were utterly aligned with the FSB or WERE the FSB, because THEY had a business interest in having one payment system over another. SUCH an interest that they'd be willing to cause poor Aeroflot, which is now private and has had a shit-ton of its own internal problems, to lose more than a million dollars over loss of ticketing services for days. Truly, guys, that bit has to be researched because it explains MOTIVE.

The "inexplicable release" can't be ONLY explained by the FSB's need for hackers. After all, Russia is a vast country of nerds and educated programmers, and not all were fortunate enough to escape to get a job for Google or Facebook in California. Sure, they may need some very sophisticated ones. And the issue here isn't that Vrublyovsky himself sits and bangs the keyboard, what this may be about is an understanding that he comes "with" a team or at least a very clever hacker that is his gunman, and that's what the FSB wanted. We don't know. But just looking at it all from my perspective, I'm thinking the early release comes from some business interest with connections that wanted Aeroflot or Asset harmed, and had the assets in the Investigative Committee or the Federal Corrections System to spring Vrublyovsky, likely using the UDO "time off for good behavior" system. Many an "asset" has been sprung in this way; we have only to recall the former minister of defense's mistress when they were all caught in an apartment sale scam.

Meanwhile, the malware author that Vrublevsky hired to launch the attack which later landed them both in jail told The New York Times last month that he’d also been approached while in prison by someone offering to commute his sentence if he agreed to hack for the Russian government, but that he’d refused and was forced to serve out his entire sentence.

That is, forgive me for being a tad skeptical of weepy stories that suddenly appear in the NYT at a time when we need to imagine that there are some people who might turn to helping us prove the Trump dossier is totally real.

That is, I voted for Hillary and I'm quite prepared to believe all these bad things, but I have spent a lot of time myself trying to research the Russian connection to Trump. And I don't find the smoking gun. There are many promising angles that maybe some journalist will push through to such a smoker -- and in my view, the Alfa-Trump servers story is very likely, and I utterly disbelieve Glenn Greenwald and Snopes on this -- I think Franklin Foer got it right and I'm glad he persisted to his second story.

PS just as an aside, guys. How come all the same hackers and lefty geeks and Anon script kiddies and crypto kids, as well as the lefty and liberal blog sites and media who feed off them who were blasting us all for months on end saying the Russians couldn't POSSIBLY be behind the DNC and other hacks and there was "no proof" are instantly finding a million angles to show the Trump dossier is real because an ex-con spam king says so, or because the fact of arrests of Russian hackers at/around the FSB tells us this?

Seriously, it is awfully damn strange. What are the explanations for this?

1) Russia is now working overtime through its networks of influence to get people to believe in the authenticity of the Trump dossier, because they know if they do that, they can endlessly keep busy chewing and arguing about whether Michael Cohen was really in Prague, or whether the Russian in the cybersecurity firm is in Kaspersky Lab or King Servers or WHERE, and never focus on the fact that this is a decoy, and the FBI has OTHER information, but maybe they can't close in on the suspect.

2) These people had a change of heart when Trump was really elected and the veil fell from their eyes and they now have gotten religion about Russia.

Well, alright.

The most important thing Krebs has is information we couldn't have known as it was his private knowledge he didn't relate until now:

In that conversation, Vrublevsky said he was convinced that Mikhaylov was taking information gathered by Russian government cybercrime investigators and feeding it to U.S. law enforcement and intelligence agencies and to Zenz. Vrublevsky told me then that if ever he could prove for certain Mikhaylov was involved in leaking incriminating data on ChronoPay, he would have someone “tear him a new asshole.”

But we already know from the Russian media (leaks from the FSB and whatever) that Vrublyovsky has been trying to wriggle out of the charges against him -- which we don't know are true or not given that he is a spam king and the sort of person to hire creepy cyber thugs for his work -- that Vrublyovsky was crying the blues about how these nasty FSB men were ganging up on him.

I'm afraid to go look for who really owns Chronopay and Assets because this is likely above my pay grade as a blogger. I do recall that on railroad ticket processing apps operating on the Internet, Navalny was able to uncover a big scam by Putin's friend Vladimir Yakovlev, former CEO of Russian Railways. So, I figure both the air ticket systems are of that nature -- big oligarchs behind them because they involve lots of cash payments that perhaps are easily not recorded and turned into slush funds or diverted offshore.

Let's do back up here, however. Why would this good, trained, solidly employed FSB agent Mikhailov, who, unlike the other people arrested didn't previously work for an FSB rival (Department K at the police) like Stoyanov, and weren't hackers forced to become FSB agents, like Dokuchayev and Anikeyev, decide he needed to blow things into the Americans. Why?

Would any pay that our probably not terribly competent spy people could offer him, or any operational cover they could offer him (obviously blown now if they were really in it), be worth it?

Obama promised the Russians that he would respond to the Russian hack of the DNC and the other bad things "in kind". Is this the blow-up of that thing? That equal things would be done to the Russians. Were they done? Did they work? Or? I remember when I read that I was worried, because I don't think intelligence under Obama is capable of that. Forgive me, but it's not just the lack of leadership and the waning of skills for 8 years, but it's just a general sense that Russian specialists don't exist in these places anymore capable of this kind of job, and these agencies are hopelessly penetrated by moles, which is why we have Snowden. I have absolutely no reason to think that other than a hunch, so maybe -- I hope -- I'm wrong. Perhaps the arrest of Mikhailov is a failed CIA operation. But for me, it's a more plausible scenario to believe it's a failed operation by German Gref.

It's hard for me to believe that anybody in Eugene Kaspersky's shop would be helping American intelligence, for lots of reasons.

This theory Krebs puts forth, based on the ex-con Vrublyovsky's variant, is that Mikhailov is crooked and helping the Americans. About Ruslan Stoyanov, Vrublyovsky said he is a former agent of the Interior Ministry's BSTM, which we knew, but he adds that he was "fired for who the hell knows why" and that he "took direct part in the operation with the British police on the DDoS attacks on the British casino by the group from Saratov."

Well, we need British intelligence/journalists/somebody to corroborate that there was this thing.

He says Stoyanov organized a mini-company called Indrik that had no website and it's not clear if it is even a registered company which is supposed to be involved in DDoS protection. "Kiryushen, in the last attack on Aeroflot, recommended them. Likely not without Sergei's help," i.e. Mikhailov.

You see, if these things were true, they happened on Kaspersky's clock, and then Eugene is either in on them or not. Perhaps the reason he is absolutely silent about this man's arrest is that he has nothing to do with this (or everything to do with it, but likely the former) and just will let him burn. Obviously it wouldn't be good for his business, which relies on the FSB's good graces, to have such a hobby thing like this going on.

I still want to know how Department K's guy at Kaspersky got to hob-nob and do ops with the FSB's Mikhailov. Were they in Komsomol together? No, too young. Karate class? These are not natural allies so that means this is either a very weak place in this story or there's "a thing" we haven't seen, i.e. "another Russian". That is, Kaspersky's finally-public collaboration with the FSB on fighting cyber-crime announced in 2013 when Stoyanov was said to be hired does not explain it. It might even have been hard for the FSB to accept that Kaspersky's guy, from their rival, Department K, was someone they now had to play nice with for the sake of crime-fighting for the Motherland. I just don't know the dynamics. We need more here. The theory of the case asks us to believe these two colluded AND they had an American angle, and I'm not buying either completely.

Obviously, as much as we think of Russia as a monolith with companies and government and intelligence all intertwined, in fact it is more complicated and a harried Aeroflot official has to find some hacker-helper for his site ticketing problems like any executive in the world, and hires a private company not knowing what he gets, or even hires them but doesn't realize that even unknown to them, some guy is working some other angle.

Cyber-anarchists are the people who really run things in the world as I explained in my book three years ago. Krebs quotes Vrublyovsky's email -- my translation:

Stoyanov has an employee whom nobody knows about -- Dmitry Levashov. Levashov lived for a long time with a certain Kimberly Zenz. She in turn is the main official specialist on Russian issues for the company iDefense. Almost all negative documents about Russia (DDoS attacks on Estonia, Georgia, the mythical RBN) are signed by her.

Well, here I'd interpret Vrublyovsky as being pro-Putin, pro-FSB largely speaking and therefore not a friend to the cause of finding out who hacked the US. So I'd be careful.

What he's doing here is burning Mikhailov with the things he thinks he can best burn him -- contact and leaking to the Americans. He continues:

Sergei Mikhailov's main asset is the ability to look at data in wallets in the Webmoney system using the cooperation with the FSB TsIB of the latter. And they in turn in secret from the user collect an enormous collection of data on system users, and accordingly know the wallets of any ill-doer; to find him out exactly is next to elementary. It looks like Ruslan and Sergei found various "marks" who were easily turned or on whom there was a large base of evidence and through Kimberly, leaked to iDefense, so that the latter turned now already for their own profit an event or a crime into one with a global international hue, and officially through US intelligence dumped to Russia, where it landed on Sergei's desk and thus often made a mountain out of a molehill; the latter would defend itself elegantly, and iDefense would receive incredible grants from the USA in the struggle with the Russian threat.

Well, the acidic tone of this piece, which Krebs also remarks on, and the cynical and anti-American feeling shining through, lets me know that this testimony itself is not trustworthy. Maybe Mikhailov did these things; maybe not.

I personally don't buy the theory of "large grants from the US government" as a reason for the motivation of cybersecurity companies because I think a) this isn't true for all of them at least b) things don't work here as they do as in Russia and c) it's a very primitive explanation for the motivation of professionals who aren't required to get government contracts (as they are in Russia) but can go to private companies and likely earn more.

But hey, now that we know that "the system works this way," according to Vrublyovsky, we'd have to wonder if the entire story of "brave Russian hackers leak the truth about Putin's hack of the DNC to US intelligence to save the world from Trump" in fact works this way, i.e. is fake. I guess I don't buy that narrative for a 100 reasons which I can put in another post if you don't get it.

Krebs then quotes the lady in question, Kimberly Zenz:

“It is hard for me to imagine how Vrublevsky would be so powerful as to go after the people that investigated him on his own,” Zenz told KrebsOnSecurity. “Perhaps the infighting going on right now among the security forces already weakened Mikhaylov enough that Vrublevsky was able to go after him. Leaking communications or information to the US is a very extreme thing to have done. However, if it really did happen, then Mikhaylov would be very weak, which could explain how Vrublevsky would be able to go after him.”

Bingo. There is some oligarch, person, thing behind all this -- go back to that huge loss Aeroflot suffered. Aeroflot is a government company but as an "asset" it must belong to a certain clan/mafia group. More research is needed. I agree that on his own, this low-level guy who may have gotten an FSB friend to moonlight for him, wouldn't do all these other things.

Since Zenz and all the others in this story are really basically interested in the success of their commercial field, which relies on trust, this comes next:

Nevertheless, Zenz said, the Russian government’s treason case against Mikhaylov and Stoyanov is likely to have a chilling effect on the sharing of cyber threat information among researchers and security companies, and will almost certainly create problems for Kaspersky’s image abroad.

“This really weakens the relationship between Kaspersky and the FSB,” Zenz said. “It pushes Kaspersky to formalize relations and avoid the informal cooperation upon which cybercrime investigations often rely, in Russia and globally. It is also likely to have a chilling effect on such cooperation in Russia. This makes people ask, ‘If I share information on an attack or malware, can I be charged with treason?’”

Andrei Soldatov said the same thing to the Guardian; others have said that the main lesson learned from this story is that all these relations between Russian/international cybersecurity firms with the FSB and their set of recruited or hired hackers are going to have to be re-negotiated.

Forgive me if I'm not staying up late worrying about their problem, and wondering if it is a good idea to date Russians if your job is to deal with security related to Russia. The reality is, this world is impossibly interbred now. The main hope of our proof for the DNC hack (or at least a major source of the proof) is a Russian emigre (Dmitry Alperovsky) that you have to hope to God doesn't have a grandmother in Russia having her pension removed now, or some other form of pressure.

No one is going to listen to my thoughts on this because I'm a crazy cat lady and not a geek but I think some may accept the premise that not every Russian citizen or emigre will be trustworthy and in that kind of situation, you have only one hope: triangulate, triangulate, triangulate with other Russians to try to get the story.

My answer to Krebs:

There isn’t any Russian media actually saying that point; I’ve covered this story pretty extensively, translating the main articles. Perhaps there’s one story in the English-language Moscow Times or something, but be specific.

I think there has been speculation on Russian social media, and comments sometimes reported by media that maybe there is some “leak to Westerners” angle on this. I was the first to report this in English and I explained the complicated way in which one *might* extract how this *might* be a swoop down by counter-intelligence to burn people who exposed Russian officials in the Trump dossier or something related to the US. That’s extrapolation from known facts, which is like lost-wax casting.

That’s because it’s Russia. We don’t know. There is no indictment, no lawyer, no weeping relatives, no human rights groups with a shred of info from other prisoners, no co-workers leaking, no neighbours talking about strange men in masks — NOTHING. ALL we have are two or three FSB agents leaking a story told from THEIR perspective.

I urge you to read through everything we’ve published to see if you can put together any other hypotheses, which are always useful.

PS I should add in fairness that now we have the news Krebs has brought about Vrublyovsky's emails. But we already knew Vrublyovsky was fuming and busy trying to find a way to "get" the FSB people he thought had burned him. So it's just not enough until we find out more who is behind the companies, German Gref, etc.

I'm going to park a copy of this post to Ars Technica, Snowden's old favourite haunt and a place of absolutely despicable cyber anarchists as well as reasonable, moderate and intelligent cybersecurity professionals -- not to mention thin-skinned geeky moderators like all such places -- just in case:

What I'm astounded at here in this discussion is the entirely uncritical attitude toward Kaspersky Laboratory and apparent lack of knowledge about Kaspersky's past -- he was educated at a KGB cryptography school and worked for military intelligence. If this seems benign to some of you, then you don't realize it is not the equivalent of anything in the US whatsoever. Russia is a country where not one couple who some believe were "framed" went to the electric chair (they were both guilty as Soviet files later indicated) but tens of millions were executed or worked or starved to death with the predecessors of the people Kaspersky worked for presiding over it, and becoming victims themselves.

I don't need a recitation of Kaspersky's valiant achievements. His reporting of Stuxnet first lets you know he may have state capacity behind him.

Even if you want to put an entirely apolitical spin on it and say that Kaspersky was (now publicly) working since 2013 with the FSB (the KGB's successor) to do the good deed of catching cybercriminals who stole credit cards, there is just too much that is murky here to accept what you see at face value.

Why didn't Kaspersky sound the alarm about the arrest of his own "top manager" as Kommersant called him (which the PR of Kaspersky denies)? He's been tweeting tips on security and cat pictures for week while his colleague sat in Lefortovo. Why did he throw him under the bus? They have utterly disassociated themselves from this man who spoke at international conferences and was never disrespected before this; indeed, he worked for the FSB's rival at Department K of the MVD, and maybe that's the problem.

So little is known about the other two FSB men arrested along with Stoyanov, but truly, there isn't any hard evidence or even convincing link that they hacked the DNC or Arizona's election system or are the people named in the Trump dossier. All of that is pure speculation as various theories spun in the Russian media. LawFare doesn't have any fact to make this claim, only the opinion that people arrested in such a dramatic way may be suffering payback if the Russians thought -- after reading the Trump dossier -- that they were penetrated and had to punish the leakers instantly. I was the first to explain that theory in detail last week, but never with any indication that we have any evidence of it, indeed as we have no evidence that the Trump dossier is real, only a lot of interesting stories some of which haven't checked out but "sound" plausible.

For all we know, the Trump dossier is an FSB/GRU concoction to distract people from the real files. But when so much of this story of the arrests revolves around internal business and contract turf wars in the cybersecurity business, even with the desire we all have to find the Trump connection in anything that might expose the creepy ties to Russia, you have to find facts and not link spots on the moon. Just because Lawfare and Rachel Maddow now speculate in the way people you hated speculated only a few years ago about Russia's evil doesn't mean it's true.

I also think it's inappropriate to think only of how this story may harm your own skin, or be "coming soon here" due to Trump, or some other nonsense. Perhaps you could have a little solidarity for your fellow geeks? At least one of them is a show-off hacker who wrote for the Russian Hacker magazine then went to work for the FSB. Is your friend Snowden any different?

Everything in the official and pro-government press -- not that this can be trusted at all -- gives a different version of the story that has to do with a 2011 case involving two rival ticket processing services online becoming embroiled in a story about how one of them hired hackers from the FSB to DDoS the other. Frankly, that sounds very plausible. It seems more likely that the result of the arrests and the media leaks is that now more attention is shed on that very dubious "collaboration" between Russian government intelligence and "private" firms that only roughly parallels what goes on in the US -- and the nature of the government matters.

Some Russians are tweeting that Putin will extradite these hackers to Trump and give him their heads saying they hacked America without his knowledge. For Putin, it will be a "limited hangout" as in the Nixon era. And Trump will give up the gun runner Victor Bout, whom even Obama would not release to the Russians.

Here are links to translations and analysis of the main media stories in the Russian press:

There was a plot floated on the Maddow show that maybe this guy was supplying info to that MI6 agent on Trump. Keep in mind today all non elected senior officials in the State Dept were canned. There is also info that sanctions on Russia will be lifted as soon as Tillerson gets confirmed.

2) Everything we know about this story (see all my links and the links to the Russian originals and translations), which comes from the FSB telling their friends at two pro-government news outlets (meaning it may or may not be true, all or in part), speaks of a case in 2011. And *Kaspersky Lab itself* speaks in their press release of the fact that the reasons the FSB arrested their colleague was related to a case that PRE-DATED his employment, which they say in their press release was in 2013. (To be sure, one paper gives another date but it could be a mistake). So you're scientists, take the only two facts that match at all in this entire blur of hypotheses and put them together: the FSB leak to Tsargrad TV saying it's the 2011 Aeroflot-related case with Vrublyovsky, and Kaspersky's press release saying it's a case that "predates his 2013 employment," i.e. therefore possibly in 2011 -- and PS not related to Trump. All press articles, independent and state, make the point about "2011" which suggests this isn't related to Trump.

3. I found one Russian tweeting provocatively that he thought Putin would give Trump their heads and say they hacked Arizona. It strikes me that "Arizona" is the least offensive of all the Russian hacks although the only one related to actual voting booths. That's because it's caught, and hacking voting machines is hard and even when done, not massively influencing elections. Meanwhile the DNC hack and the Trump dossier, which are social hackers, are much more destructive.

All these loathsome little upvotes and downvotes quoted texts and sheer, idiotic snark -- I'm glad I don't spend as much time as I used to on those geek boards.

There's a lot one could say about Kaspersky. But one doesn't because he pressures journalists to write another more sympathetic round about his story if he doesn't like how the first round came out. There's been several such famous scandals, in Wired and in Bloomberg. Suffice it to say that the US government doesn't allow Kaspersky AVs, and I uninstalled mine years ago out of concern it may phone home. Perhaps geeks working with very sophisticated mafia/state/criminal/etc hacking/theft find that they need to have someone connected to the government like this to be effective. I'm not playing though.

January 11, 2017

The bit about Alpha is understandable as anyone would anglicize the name that way. Barvikha *does* have dachas set aside for top officials, even if cooks and maids live there, too, as well as oligarchs.

But there are way more important oddities in this report:

o Claim that Rossotrudnichestvo, a state agency to cultivate emigres and foreigners abroad, is some kind of "parastate" agency or "cover" -- it *is* a state agency, like the Soviet Friendship Committee. So it's not very secret and wouldn't be used for a covert meeting although it's used to find agents of influence. Also, Cohen denies he was in Prague, and it's a long way to drive from Italy. Czech Republic could be asked to confirm or deny.

o Carter Page denied he met Rosneft CEO Igor Sechin (and why would someone as important as Sechin meet with a lowly maybe-advisor to Trump?). But what's odd about the claims for that meeting are that Sechin would have offered Page/Trump the 19% of shares in Rosneft that eventually went to Qatar and Glencore. It just doesn't make sense that Sechin would offer these shares to an American real estate mogul without cash for investment (it was expensive) not even in the oil business. RBC was sued by Sechin for reporting that the government warned BP, which already owns shares in Rosneft off this deal, and it was frequently rumored to be shopped to "Asians" or proxies for Rosneft/Russia itself. It just doesn't seem plausible that it could ever have been offered to Americans in any form, especially these Americans. And to get Trump onside, they wouldn't need to force him to spend money he didn't have on an oil company in Russia where he would stick out like a sore thumb.

o Most weird of all to me is the notion that presidential administration spokesman Dmitry Peskov was handed this very sensitive dossier on Trump kompromat [compromising material] to manage, and then overdid it. It makes no sense to have the PR voice of the presidential administration handling a dossier that he himself didn't publicize (unless as part of his office's job telling state media what to write and not write) and wouldn't have compiled as part of his job description in the first place. Intelligence would have done that. It's plausible that Ivanov, in the PA, as a trusted KGB crony of Putin's might have had this job "outside the usual channels," but the claim is that he was "backed by the SVR" then (not the FSB, which would have had to gather the kompromat inside Russia) and that this dossier went "from the MFA to Ivanov/SVR to Peskov". All just very weird. Intelligence just doesn't work that way. Then the claim is that Ivanov was removed from his job over this blowback. Well, interesting because it *was* sudden and nobody knows why, but really? Very bizarre. Perhaps that's the reason it is authentic -- but equally could be the reason it's fake, because the authors don't realize how the Kremlin works.

Perhaps this is a very garbled version of a story that does involve Ivanov as handling the Trump dossier. Even after he was fired, Ivanov was sent out to do spin control on the "Russia wants Trump as president" story, walking it back. That was both evidence that Ivanov was still very much in favour in the Kremlin and that the Kremlin needed to dial the story back. But the wild bungling and overplaying of hands that needed only a slight nudge to be effective -- the main message of this report -- don't add up as a Russian M.O.

o The part that has the most attention is the least substantiated: someone as important as Trump orders prostitutes who do golden showers in the presidential suite, and they all disappear and are silent after bribes? Really? Seems bizarre and meant as a red herring. Trump is very careful to surround himself with aides and lawyers that keep scandal away. We're to believe that he'd be indiscreet enough in Russia to hire prostitutes?

o The most important aspect of this report is not whether it is true or flawed but the use to which it has been put -- notably by the US intelligence community in confronting Trump and trying to get him to believe he could be compromised by the Russians. Obviously, it's easier for the IC to use a thing like this than its own real reports.

Or it could be a Russian disinformation operation of its own, as now total chaos has broken out in the media, with calls for the FBI to investigate Michael Cohen, and him saying he was in Italy, and at his son's baseball games in the US, not in Prague.

o The point is, this agents' network of a figure close to British intelligence exists. That means it is available to UK intelligence which cooperates with US intelligence. The US may have its own sources or the same sources.

o The sources have very high access and it seems surprising, then, that they end up in a report that is shopped around widely like this. Because with some digging, any of them could be exposed. Who is that Russian emigre in the Trump camp? Is that Felix Sater or somebody else?

o All in all, this report "can't be unread," as a colleague put it. It will remain indelibly part of the landscape. I wonder what Russian pundits think of this theory of Ivanov and Peskov, would love to hear their assessment.

January 08, 2017

I haven't always liked everything that came from Bill Burns -- he was the implementer of the ill-advised re-set, after all, and didn't quit in protest. Finally he did leave the Administration, early, and strangely went to Carnegie. Strangely, because I thought he was more critical of Russia than that, and would be better suited somewhere else. But where? He's not so critical as to be at the McCain Institute. He's a liberal, and couldn't go to Heritage or AEI. I don't know if those academic think tanks like CSIS had a place for him that was worthy of his stature. The thing is, Carnegie remains prestigious, even if it tilts to Moscow and is at times shameful, as Jamie Kirchick has aptly chronicled.

Even so, William Burns knows more about Russia than you or me. He's been there many more times, and met with much higher-up leaders. I've lived in Russia for long periods in the past, but have not been there in recent years. I've met Yeltsin, and some other top officials, but so what? That's nothing like negotiating with them, and having high-level talks with them in private. I haven't always had the luxury to spend all day, every day, studying and interacting on Russia. He has done all these things, and more, so I respect that. He's one of those experts and former officials you simply need to respect.

I still think he is too gingerly on Russia. He doesn't provide enough of a quick recipe in this piece about DETERRENCE which is the only thing that makes sense with Russia. He mentions how we have to respond to the hacking -- so I take it he approves of the expulsions, which are pretty thorough and I think warranted. We need to hear more from him on deterrence -- would he be for getting involved with this grand bargain of a "new architecture" crap the Russians are trying to foist on Europe? Hope not! I don't think so.

But here's what's smart:

o he says the US has lurched between wanting Russia as a partner and treating it as a sullen, declining power (which is what it is, and which is how it does in fact need to be treated in my view). I'm glad he's put the description "out there". I once said Russia was behaving "like a sullen teenager" when I gave a briefing to a room full of ambassadors at the UN, and while the Russian was not among them, I still felt that the Europeans didn't like that frank talk and some didn't ask me back after that. But "sullen" is how to understand it. Amb. Samantha Power, in an essay that later became a book I believe*, talked about the role of spite in understanding the Serbians. Serbians do spite even worse than Russians, but spite is big. Spite, rooted in that inferiority complex they have, is indeed what they are all about.

o Burns is right that the US can't make up its mind and be consistent -- and this is because it becomes a political platform for each successive administration -- Putin has ensured havoc for generations to come by making pro-Kremlin policy a preserve of the right as well as the left. But Burns' caution against making friends with Russia through personal rapport and a "grand bargain" is aimed at Trump -- it won't work because there are too many other issues.

o the issues are Putin mainly, but not only, as he believes Putin has a spiteful agenda to do damage on every single issue he can't get success on -- if he can't stop the war in Syria, he will degrade the rebels and prop up Assad; if he can't keep Ukraine from turning West, he will grab Crimea and invade Donbass and so on. As Burns says:

The ultimate realist, Mr. Putin understands Russia’s relative weakness, but regularly demonstrates that declining powers can be at least as disruptive as rising powers. He sees a target-rich environment all around him.

o Burns is particularly smart on Ukraine -- which is rare in a Russian hand, or rare as a positive thing, since too many are awful on Ukraine:

A third step is to stay sharply focused on Ukraine, a country whose fate will be critical to the future of Europe, and Russia, over the next generation. This is not about NATO or European Union membership, both distant aspirations. It is about helping Ukrainian leaders build the successful political system that Russia seeks to subvert.

That's an interesting take, although of course arming Ukraine would be better. But it does mean we should do more to give aid and trade to Ukraine. There's all those eggs that Andrew Kramer says don't have buyers. Couldn't some cake batter manufacturer use these? Or somebody? McDonald's? We should be trying to help. Ukraine is the "Un-Russia". That's more important than being in NATO as a weak junior partner. What we need to show is a way for Soviet states to reform in such a way that not only are they acceptable partners to the West, they bring prosperity and security to their citizens without the Soviet ideology or economic model (which the Donbass represents). That's a help to reformers within Russia, too, although Burns doesn't say that. I seem to recall that when he was penning or at least signing cables at the US Embassy, he wasn't very positive about the Russian opposition.

The second step before this was "reassure our allies of a commitment to NATO". But... what? Continue the same aid for the military, even if some countries can't pay up? Of course we should. We need more than battalions. There are already some good EU disinformation shops. But we really should have some kind of center or clearing house that examines each and every incident of Russian encroachment, near-miss, provocation etc. on land, air, and sea. And Russian claims of same from NATO's side. Each time one of these things happens, I struggle to find some statement on it; it's often late in coming from the specific country involved. It would be great if some center immediately filled the airwaves with the truthful story of these incidents.

There's more, but I think basically, William Burns is telling Trump not to give away the store with Russia and to keep our allies close, and that's important. He doesn't have to mention "Trump" or "Tillerson" because there are scores of Kremlinologists in his world saying the same thing as those elected or appointed leaders. So it's good he represents in fact a non-Carnegie line on this score.

Of course, he's padded these insights with lots of stuff about how we need to "respect" Russia. But he's actually also added that he has learned the hard way to do this -- as in respect that a bully in your schoolyard may knock you over, and to give him a wide berth.

This idea that we've "ignored" Russia just doesn't sit well with me because as long as I can remember (40 years plus), we've obsessed about Russia at every turn. It's never been "taken for granted" even after the coup. I don't think Obama has said anything disparaging about it. Or has he? What is that about?

If he said Russia is a declining power, well, it is. We're learning how vicious that decline can be...

*I recall this as a piece in the New Republic, but I don't see that among her 3 pieces in the New Republic archives -- or anywhere. To be continued....